Farhath Zareen to present poster at WISE Workshop

April 18, 2018


Farhath Zareen, Computer Science graduate student working with Assistant Professor Robert Karam, was selected to present a poster at the second workshop for Women in Hardware and Systems Security (WISE) at the IEEE International Symposium on Hardware Security and Trust (HOST) on May 3, 2018.  

This selection comes with travel support. Zareen works on projects with Karam related to hardware security. She will present her poster, "Detecting Hardware Trojans in RTL using Artificial Immune System-based Algorithms."

About the project:
From a high-level perspective, security assurance in a computer system can be viewed as distinguishing between self and non-self. Artificial Immune Systems (AIS) are a class of machine learning (ML) techniques inspired by the behavior of innate biological immune systems, which have evolved to accurately classify self-behavior from non-self-behavior. This work aims to extend AIS-based ML techniques to the problem of identifying maliciously modified, or Trojan-inserted circuits, without the need for a golden reference design. The primary threat model is Trojan insertion in an RTL design, where an attacker has added malicious behavior in originally unspecified functionality. Existing Trojan detection methodologies are mainly effective for identifying Trojans that violate design specifications in the event of an activation by a rare trigger condition but are less effective against Trojans that leak sensitive information by manipulating unspecified functionality. These types of Trojans go undetected by traditional verification and detection techniques, since there is no basis for the behavior in the formal specification. We propose a methodology based on AIS algorithms such as Negative Selection or Clonal Selection, which have historically been applied to malware detection in software, that can be used to detect such Trojans in hardware/RTL. The detection methodology leverages Satisfiability Modulo Theory (SMT) and formulates Trojan detection as a satisfiability problem, generating formulae from the design's control and data flow graph (CDFG) which are incorporated in the AIS behavior model.